Study On Intelligent Algorithm Approach To Detection Engine Of Network Intrusion Detection

Intrusion Detection System acts as the effective complement to traditionalprotection techniques such as access control, firewall. Intrusion detection isconsidered to be an effective technique to detect attacks that violate the securitypolicy of systems. It can detect the successful breaches of security as well asmonitor attempts to breach security. In this paper, in order to enhance theeffectiveness for unknown intrusion, some network detection algorithms mainlyusing genetic algorithms and clustering analysis are proposed. They aremeasured by the detection rate and the false positive rate. It has applied valueon theory.The main contributions of this dissertation are summarized as follow:Firstly, to research methods on feature subset selection, a new algorithm offeature subset selection based on the genetic algorithm was proposed. It can bepropitious to enhance detective precision and to reduce burthen of the intrusiondetection system.Secondly, distinguished genetic clustering algorithm was approached toanomaly intrusion detection. The implementation tactic was improvedaccordingly. Then the Network Anomaly Intrusion Detection based on GeneticClustering (NAIDGC) algorithm was proposed. It not only makes workload ofconstructing training data set be saved but also reduce sensitivity on initialparameters.Thirdly, improved IDBGC algorithm was proposed based on solving theproblem of the NAIDGC algorithm to enhance effectiveness of networkintrusion detection. The improved IDBGC algorithm consists of nearestneighbor clustering stage and the genetic optimization stage. Meanwhile, asimulated annealing selection operator and an adaptive mutation operator wereapplied to genetic algorithm to enhance ability of local searching and toimprove shortcomings of random mutation.Finally, experiments on the currency database UCI KDD DatabaseRepository and DARPA/Lincoln Labs data were described. These experimentsshow that these three algorithms are efficiency. The improved IDBGCalgorithm achieves good performance for the average detection rate and theaverage false positive rate. It has preferably adaptability and expansibility.The algorithms proposed in this paper approach to anomaly detectionengine. They are significant to improve efficiency of detecting unknownintrusions.